Sunday, October 28, 2007

On the Importance of Backups

27 gigs and 2 days later, my first automated backup to S3 has completed. Hopefully I'll need no further major changes to my backup system. It's not the Holy Grail of automated backups, but it'll serve my purposes.

Originally I was going to use this space to discuss the design and evolution of my backup system. It's kinda interesting to read about, but I'll save that talk for another time. Right now I just want to get on my soap box.

If you do not have more than one copy of the important data stored on your computer, you are an idiot. Seriously people; I've been bit by hard drive crashes many times before. I've lost important data which then had to be recreated in a fraction of the time it took to create it the first time. It happens, and you have to prepare for it. If you're reading this and my previous post about off-site backups and are thinking to yourself, this guy's paranoid, then I have successfully expressed myself. You're damn right I'm paranoid; would that everyone was at least as paranoid as I am about keeping their important data backed up.

The simple truth of the matter is that your hard drives will fail. They're mechanical, and mechanical things wear out. Hell, when you consider that the read head's about a millionth of an inch above a metal plate rotating at about 7500 revolutions per minute, it's a wonder the damn things last as long as they do. Point is, you should not assume your hard drives will last forever. Back your shit up.

A couple months ago, a coworker was telling some of us about how the hard drive in her personal computer failed, taking with it about 5 years of emails, photos, and various other irreplaceable things. She was dismayed to hear that it would cost her several thousand dollars for a data recovery company to attempt to recover the data on that drive, with no guarantee that any of it would be recovered. A $100 external hard drive and a regular backup regimen would have made this a non-issue.

Not too long ago, a friend called me because his computer stopped booting. He was worried that his wife was going to lose some important work documents if the hard drive died. Fortunately the computer eventually did boot again and he was able to transfer these documents to another computer. Is this computer backed up? Probably not. Will I be getting another frantic phone call from him when this computer decides to give up the ghost? Probably (unless he takes these words to heart). People (myself included) rarely understand the importance of backing up data until they suffer data loss.

And just yesterday a friend told me he'd accidentally erased the data in the wrong partition on one of his hard drives, taking with it a bunch of music and photos. No backups, of course. Last I heard he was able to recover some of it, but most of it will be gone unless he invests large amounts of time and effort in the recovery process.

My personal theory of backups is that they have to be automated or they won't be done. One of the reasons people don't back things up is because it's a plan for the future activity, and a decent number of people don't plan for the future. After all, they can get to their data now; isn't that what matters? So it needs to be automated so it isn't forgotten. Fortunately, smart people have done that legwork so you don't have to (unless you want to or have some specialized need that requires that you roll your own solution). If you're running Windows, you have a backup utility on your computer already. Set it up to run while you sleep and point it to a USB hard drive (which will fail, but it's unlikely that it'll fail at the same time as the drive in your computer). For Mac users, the new Time Machine feature looks sweet, or you can set up a lower-tech solution.

Two copies is nice, but more are better. And it's always nice to have one copy in a physically different location than the others. After all, what happens if someone breaks into your home and steals both your computer and your backup drive? Or your home burns down? Fortunately, there are all number of solutions for online backup. These are nice because they take care of making multiple copies of your data for you. All you have to do is copy your data to their system once, and they'll potentially make hundreds of copies of it for you automatically. You could use one of these services in addition to or instead of an external hard drive. If you decide to look into one of these services, here's a few things to think about.

Can the backup be automated?
It does you no good to sign up for the service if you never use it. Easiest way to ensure you're actually backing things up is to have the computer worry about it. Computers are good at that sort of thing.
How much storage is included?
Some inexpensive (or free) services don't give you a lot of storage. If you don't need a lot of storage (and don't plan on needing it in the future), this may be fine for you. If you need a lot of storage, it behooves you to look carefully at storage limits and costs for exceeding that limit.
What operating systems are supported?
Many services expect you to use a Windows client to upload your files. For you Windows users out there, this probably isn't much of an issue unless their application is a buggy piece of shit. This is where a free trial might come in handy.
How safe is the data?
Many services encrypt your data before copying it onto their system. If it's important to you that others not be able to read your data, this should be a consideration.
How much does it cost?
Some services with smaller backup limitations are free. If you don't need to back up a lot of data and the service otherwise meets your needs, go for it. Otherwise, expect to pay some money.
How many copies of the data will be made?
It'll probably be hard to get a direct answer to this question. Most services offer a service reliability guarantee, so they'll promise that the service as a whole will suffer at most n minutes of downtime during a month where you'll be unable to access to your data. n is usually a fairly small number. Beyond that, the answer you'll probably get is a lot.
How easy is it to get the data off the system
If you find yourself working on a bunch of computers, it might be nice to have access to your files at all times. Some services will make this easy. Others require a custom application to pull down the data. Remember, your backup is useless if you can't get it when you need it (or if it doesn't work.
Do they offer a free trial
Might be nice to see if the solution will work for you before plunking down cash. Test the automation, make sure you're comfortable using the user interface, perhaps even try a test recovery of your files.

I'm not one to call people idiots without offering to help rectify the situation. I know not everyone's a technical wizard, so if you aren't I'll offer to help you get an automated backup system running provided you are capable of contacting me. I won't do all the work for you, but I'll answer questions and do what I can within reason. It helps me in the long run because then I don't get phone calls in the middle of the day (well, maybe I would anyway; some of my friends who don't have jobs clearly assume I don't either and call me to talk about weird shit). And if you successfully perform automated backups, feel free to mention how your system works and whether or not you've ever needed to use it. I always like hearing how others have solved problems similar to ones I've solved.


Post a Comment

<< Home

Monday, October 22, 2007

My First SoCal Fire

Southern California, as you may know, is on fire. Now I'm fortunate that I haven't had to evacuate. And since the closest fire to me has been 100% contained, it's unlikely that I will need to evacuate in the future. Some of my co-workers weren't so lucky.

Even though there's no fire, there's still a ton of smoke. Around where I live it's not too bad. It's a bit smoky and hazy, but I don't really notice it indoors. The San Diego skyline yesterday, on the other hand, was like that of a post-apocalyptic war zone. The combination of the smoke and sun made the sky a bright yellow, and the haze reminded me of Valley fog.

Anyway, during the time I was unsure whether or not I needed to evacuate, I considered the flaws in my computer backup strategy, which is fairly comprehensive and born from being bit in the ass by data loss too many times. My home directory, digital photos, and emails are all stored in a Subversion repository (this saved my ass in college when I accidentally deleted the directory containing my senior project). This has two benefits. First, it ensures my laptop is backed up. Second, it keeps my home directories in sync. Every night, a backup script mounts a USB drive connected to my computer and dumps the subversion repository to it.

Immediately you see the problem, just as I did and have for some time. What happens if my apartment catches on fire? Or someone breaks in and steals both the computer and USB drive? Everything's gone in one fell swoop.

My original intent when I bought the USB drive was to go to the bank every week, take the drive out of my safe deposit box, perform a manual backup, then return the drive to my safe deposit box. Problem is, I'm lazy. Rule number 1 of backing things up is if it isn't automated, you didn't back it up. I'm not going to the bank once a week; I have better things to do. So it needs to be automated.

I've been looking at Amazon S3 for quite some time and think I'm ready to give it a shot. I've been concerned about how I would protect everything, but the final pieces of the puzzle have came into place. I'm going to describe my proposed new backup strategy below.

Incremental subversion dumps will made every night as they always do. They will be encrypted using public key encryption and be stored on both my USB drive and uploaded to S3. The public key will reside on the backup server and will encrypt the backup files. The private key will be be broken up into three pieces using Shamir's method for sharing secrets. One piece will reside on a USB stick in the safe in my apartment, one piece will reside on a USB stick in my safe deposit box, and one piece will reside on S3. Two of the three pieces will be required to reconstruct the private key, allowing either the bank, my apartment, or the S3 network to be destroyed while still requiring that someone have access to two of those pieces before they have the full private key. I'll also be putting paper copies of the USB sticks into both my safe and my safe deposit box just in case the USB drives die.

One thing I'm not quite clear on is how I'm going to validate that the files in S3 haven't been tampered with. I guess I combination of S3 permissions and not giving anyone the public key will do the trick. I'd considered signing them, but the end result is the same as just encrypting the files with a public key not being made public: the scheme depends on a private file no one else has.

Another question is how I'm going to verify the backup completes successfully each night. After all, rule number 2 of backing things up is if you didn't verify the backup works, you didn't back it up. The private key won't be on the computer being backed up (for obvious reasons), so I can't do an automated test (unless I want to do a dry run with a dummy public/private key pair, but that doesn't verify the production backups). I want to say I'll test the restore process every now and then, but I won't (see rule number 1). For now, it'll just have to be good enough.

Comments or suggestions on how to improve this scheme are welcome. In particular, if you want to solve the bottom two issues for me, I'm all ears.


Post a Comment

<< Home

Tuesday, October 16, 2007

On Sitting

A few days ago at work all employees were given a talk about proper ergonomics when sitting at one's desk. For those people who have proper posture or for the most part sit correctly at their desks, the talk was likely informative and useful. But of course from the way I put quotation marks around correctly, you know I was not one of those people.

I sit at my desk at work in a very comfortable but non-traditional way, and my work area is organized to accomodate this seating position. On the front and right sides of my cubicle are desks which stretch across the length of the cubicle. I put my computer monitors in the front of the middle section of where the two desk pieces meet and sit facing the front of the cubicle so I can rest my arm on the right desk section when need be. I use a trackball because the placement of my second monitor doesn't give me a lot of room to move a mouse around on my desk. The desk area directly in front of me remains clear so I can rest my legs there. All my papers and books are on the right section of the desk for easy access, and things I don't need easy access to are to the left of my legs. My chair reclines further back than just about any desk chair I've seen, which makes it possible for me to rest my legs on my desk without slouching in my chair. I rest my keyboard on my lap so I don't fatigue my arms by reaching towards the desk. My chair's armrests extend back to the chair's backrest, which gives my arms proper support when I'm typing. It's a damn comfortable way to sit, and so far it's worked out well for me (except for the couple times I've fallen out of my chair, but that hasn't happened in over a year). Sit leaning back in my chair with my feet up, crank up some Muse, and I'm in coding Nirvana.

It's no secret I sit like this at my desk. Which is why many a co-worker looked at me once we started talking about ergonomics. And came the clincher near the end of the talk: I just wanted to address this because I've seen the way some of you sit at your desks, like Aaron. Shortly after, how I sit at my desk was demonstrated to the entire company by the person giving the talk, while commenting that it actually wasn't too bad a way to sit ergonomically speaking since my arms are rested on my lap. We all had a good laugh at the demonstration. It was all in fun, so I didn't care. If you can't laugh at yourself, who can you laugh at?

After the talk, I went to my desk and evaluated my seating position according to the ergonomic criteria discussed. The main idea was that each part of one's arm be below the previous part so blood flow to the fingers isn't fighting gravity. Based on that criteria, my seating position's not so bad. My wrists are slightly higher than my elbows, but that could be solved with taller armrests. And although my arms angle inward, I type with my hands at an angle on my keyboard so my wrists are straight. And of course there's research which suggests that sitting with one's back at a 135 degree angle is better than sitting with one's back at a right angle. Whether or not the research is credible I don't know, but it's certainly more comfortable for me to sit with my back at an angle than to sit straight up. Which is why I sit like I do in the first place.


Post a Comment

<< Home

Sunday, October 14, 2007

War of the Holiday Wars

I hereby decree that every time I bring something up which has the potential to start a religious war (be it a religious war on religion, operating systems, text editors (why the hell is there a Wikipedia article devoted to that?), or whatever) I shall tell a relevant anecdote from my own life in an attempt to entertain and personalize the discussion. So without further adieu...

I went to a Mennonite school during junior high and high school. Mennonites, for those of you who don't know, are a very conservative sect of Protestantism. Some of the Old Order sects give the Amish a run for their money, and even the more liberal Mennonite sects like the one which ran the school I attended are, relatively speaking, quite conservative. How conservative? We couldn't have school-sponsored dances because dancing doesn't bring you closer to God. This was an improvement over the previous you can't dance at all policy that (fortunately) died out some years before I went there. I argued that nothing but Bible classes (excluding the ones we spent watching Mr. Bean) brought one closer to God, but this argument was not well-received.

In seventh grade, the father of one of the kids in my class came to speak to our Bible class about Halloween. He was the pastor at one of the local Mennonite churches, and he'd decided that we needed to be warned about the evils of Halloween. I won't go into specifics because I don't remember them, but the gist of his sermon was that Halloween was from the Devil and good Christians shouldn't participate in it at all. No decorating, no trick-or-treating, no dress-up, nothing. He may have gone so far as to argue that even church-sanctioned Halloween activities were of the devil, but I honestly can't remember whether he claimed that or not. After he finished talking, he asked all of us who still planned to celebrate Halloween to raise our hands. A bunch of us did, and he rebuked us, saying you're just falling for Satan's schemes again. That impressionable seventh grade students at a conservative Christian school saw through his bullshit tells me just how insane this guy was. None of us were going to become Satanists (well, almost none of us) because we dressed up and went to a Halloween party or went door to door; it was just a fun time for us to act like kids. I do wonder what happened to the pastor's son. A piece of me hopes he didn't become insane like his dad, but the rest of me assumes he did. Looking back on some of what I experienced in my past (perhaps someday I'll write about my seventh grade English teacher who forbade us from writing book reports on books with witches in them), it's a wonder I stayed sane. Thank The Great Juju at the Bottom of the Sea for small miracles, I suppose

We hear a decent amount (whether we want to or not) about the War on Christmas that atheists apparently are fighting. Although I'm still not entirely sure what the War on Christmas is, what appears to be at the center of the debate is that idea that wishing someone a Happy Holidays instead of a Merry Christmas somehow secularizes an already secular holiday season. One particularly strange backlash is against some people who call Christmas trees Holiday trees. Considering they're usually up during most of the holiday season, the latter probably makes more sense. Truth be told, I'd probably never take my tree down given the choice (and indeed, here we are in October and I still have my snowman tree ornament out from last December). Hell, according to Wikipedia, the first modern decorated tree displayed in winter was actually a New Year's Tree.

Well, apparently someone's decided to fire back with a War on Halloween. Fortunately, they missed.

Rivera-Alicea v. Gonzalez-Galoffin, 2007 U.S. Dist. (D PR, Sept. 20, 2007), involves claims by a secretary in Puerto Rico's Department of Justice that she was retaliated against for complaining that pagan office Halloween decorations offended her Pentecostal Christian religious beliefs. In rejecting plaintiff's Establishment Clause claim, the Puerto Rico federal district court held:

Halloween decorations, like valentines, Easter bunnies, and egg hunts are all secular displays and activities that neither convey religious messages nor constitute religious symbols. Halloween lost its religious and superstitious overtones long ago. It has become instead a commercial holiday enjoyed by communities in its many forms of entertainment.

Seems wrong to claim persecution when you yourself are involved in your own particular brand of it against someone else. Still, I'm not buying that either's a war. Wake me when the government seizes the nativity scene or jack-o-lantern you've set up on your own property. Until then, can't we just keep the government's holiday celebrations secular and let individuals and private organizations celebrate whatever holidays they want in whatever manner they see fit?


Post a Comment

<< Home